Incident Response & Prevention Manager

Hong Kong, Hong Kong SAR
Security – Cyber Fusion Centre & Cyber Threat Intelligence /
At, our dedication to user security is led by our highly experienced Security Team. Comprising an international roster of seasoned cybersecurity experts, our team leads the company's Security, Privacy, and Security Compliance endeavors.

The team includes holders of international patents for technologies integrated in our security architecture. Under the stewardship of a distinguished CISO recognized by the Forbes Technology Council and among the Global Top 100 CISOs, our team has consistently championed industry standards, acquiring certifications like ISO27001, ISO27701, ISO22301, PCI:DSS 3.2.1 (Level 1), NIST Tier 4, and SOC 2 Type II, in addition to the MPI License from Singapore MAS. Our Chief Information Security Officer reports directly to the CEO, underscoring the prioritization of security in our organization's hierarchy.

Our Security Team not only places great emphasis on credentials and expertise but also deeply values hands-on experience, rapid cognition, and dynamic learning. The challenges in the world of crypto are ever-evolving, and as such, our team prides itself on quick adaptability and robust teamwork, ensuring that we stay ahead of potential threats and always safeguard our user base.

As part of the CIRIFT at, you will be involved in responding and managing cyber security incidents throughout the cycle - from Preparation to Identification, Containment, Eradication, Recovery and Lessons Learnt - along with other incident responders around the globe.

You will apply all of your skills on cyber defense, digital forensics, log analysis, intrusion analysis and any related skills to respond to security incidents on our endpoints, network, and cloud infrastructure. In this role, you will provide prevention, detection, response and remediation activities to ensure information assets and technologies are adequately protected using different technologies like NGFW, EDR, IDS/IPS, EDR, DLP and more. You will also apply your collaboration and communication skills to work effectively with all relevant stakeholders in multicultural/global environments.


    • Report to Senior Manager to facilitate all phases in the incident response lifecycle
    • Involve in various incident prevention projects to improve Security posture

    • Preparation
    • Understand different regulatory and compliance requirements like critical time to report, escalation flows, etc.
    • Take part in self-assessment exercises like Tabletop Exercises, Attack Simulations, Red/Purple Team exercises to make sure the incident response process is working smoothly
    • Develop incident response runbooks, playbooks and SOPs with reference to different regulatory requirements
    • Evaluate the incident response readiness of different layers - people, process, technology

    • Detection & Analysis
    • Respond to the cyber security incidents escalated from various channels including the 24/7 SOC team.
    • Respond to cyber security incidents in compliance with the local authority / regulatory requirements.
    • Assess the risk, impact and scope of the identified security threats
    • Perform deep-dive incident analysis of various data sources by analysing and investigating security related logs against medium-term threats and IOCs

    • Containment, Eradication and Recovery
    • Communicate with the stakeholders and provide guidance, recommendations to contain and eradicate the security incident
    • Participate in root cause analysis using forensic and other custom tools to identify any sources of compromise and/or malicious activities taking place.
    • Document and present investigative findings for high profile events and other incidents of interest.

    • Post incident activities
    • Provide lessons learnt meeting to the stakeholders
    • Lead and keep track on the follow-up activities
    • Document the incident in the case management system and provide incident reports
    • Always ready to jump in, in the event of security incidents.


    • 5+ years experience in the Cyber Security industry
    • Strong technical and analytical skills
    • Familiar with the cyber security incident response process
    • Hands-on experience on performing incident response activities
    • Have scripting experience like Bash, PowerShell, Python, Go, etc, and the ability to use these skills to aid in responding to incidents involving Windows, Linux, macOS, as well as cloud environment
    • Have knowledge of cybersecurity tools and software like NGFW, EDR, IDS/IPS, EDR, DLP, SIEM, other log management platforms, etc.
    • Be familiar with the MITRE ATT&CK Framework and/or Cyber Kill Chain
    • Be passionate on exploring new technologies and having creative initiative to boost the team capabilities
    • Holders of security related certifications is a plus (e.g.Azure, AWS, CISSP, GCIH, GCIA, GCFA, GNFA, GREM, or other equivalent)
    • Knowledge of regulatory and compliance requirements like GDPR, MAS, PSD2 etc is a plus.
    • Fast learner with can do attitude and ready to get the hands dirty
    • A strong team player who can collaborate with compassion

Life @
Empowered to think big. Try new opportunities while working with a talented, ambitious and supportive team.
Transformational and proactive working environment. Elevate employees to find thoughtful and innovative solutions.
Growth from within. We help to develop new skill-sets that would impact the shaping of your personal and professional growth.
Work Culture. Our colleagues are some of the best in the industry; we are all here to help and support one another.
One cohesive team. Engage stakeholders to achieve our ultimate goal - Cryptocurrency in every wallet. 
Are you ready to kickstart your future with us? 
Competitive salary 
Medical insurance package with extended coverage to dependents 
Attractive annual leave entitlement including: birthday, work anniversary
Work Flexibility Adoption. Flexi-work hour and hybrid or remote set-up
Aspire career alternatives through us. Our internal mobility program can offer employees a diverse scope.  
Work Perks: visa card provided upon joining 
Our benefits packages vary depending on region requirements, you can learn more from our talent acquisition team.
Founded in 2016, serves more than 80 million customers and is the world's fastest growing global cryptocurrency platform. Our vision is simple: Cryptocurrency in Every Wallet™. Built on a foundation of security, privacy, and compliance, is committed to accelerating the adoption of cryptocurrency through innovation and empowering the next generation of builders, creators, and entrepreneurs to develop a fairer and more equitable digital ecosystem.
Learn more at is an equal opportunities employer and we are committed to creating an environment where opportunities are presented to everyone in a fair and transparent way. values diversity and inclusion, seeking candidates with a variety of backgrounds, perspectives, and skills that complement and strengthen our team.
Personal data provided by applicants will be used for recruitment purposes only.
Please note that only shortlisted candidates will be contacted.